* Posts by h4rm0ny

4573 posts • joined 26 Jul 2008

Samb-AAAHH! Scary remote execution vuln spotted in Windows-Linux interop code

h4rm0ny
Silver badge

Re: Another Open Source security problem

>>"If that's what you want to believe, you might want to read say:"

And if you think those contradict my post, you my want to read what I had to say: "it's very hard...".

In Closed Source code, you have to compromise the vendor and that is job done - yes, it possible that outside parties might find evidence of backdoors from decompiling, but it's difficult and time-consuming and, after all, we're talking about the ease of getting backdoors in there, not the relative merits of how hard they are to find (which OS also wins, btw). Whereas with Open Source, you have to camouflage your backdoor well enough to pass inspection by some very skilled people. Seriously - read your own link on the Dual Elliptic Curve Deterministic Random Bit Generator exploit and try and tell us again that this isn't far, far, far harder to pull off than a few IF statements.

6
2
h4rm0ny
Silver badge

>>"No that's not sensible - both for security and for resources. It should start a new thread and the thread should impersonate the user. This is how it is done in Windows."

That would still require the Samba daemon to run as root. Within the constraints of the UNIX security model I'd be interested to hear of any approach that could work without this. If you want to argue that the Windows security model (Vista onwards) is better than the UNIX model, I agree with you. But I don't see a fault here on the part of Samba's design.

Also, I'm not sure the resources criticism holds up. Why do you think it makes any relevant difference?

5
0
h4rm0ny
Silver badge

Re: Another Open Source security problem

Did anyone ever claim that Open Source was completely bug free? Is the claim that this bug would not have existed if this were closed source? That would obviously be a ridiculous claim, so what are you trying to say? As far as I can tell you're just creating a strawman to attack as no-ine here has claimed such a thing.

And if you're trying to argue that ability to review the Source Code doesn't help, that's plainly not true as Microsoft would not have been able to review the code, find this problem and submit a patch. Unless in your hypothetical universe of closed source Linux they were sending copies of their source to their chief competitor whilst hiding it from the public..."huh?"

The real unarguable benefit of Open Source is not that it will always have fewer vulnerabilities than closed source software, but that it protects against deliberate subversion. It may or may not have accidental flaws but it's very hard to put a statement in there saying "if blnNSA == True..." And that's important.

The other critical thing is that in most cases, open source software is also Libre software, which means people can build on it. I've been involved in Libre Software for over fifteen years and I never recall us ever arguing our code would be immaculate. Instead we argued "Free as in speech", "Usually free as in beer", but never that I can recall "Free as in free of all bugs".

Yes, there is an advantage to the "thousand eyes" principle for security - you're posting on a story about a patch that would have existed without that - but you're basically strawmanning against something no-one here has claimed.

27
5
h4rm0ny
Silver badge

It's because when you connect to a Samba server on GNU/Linux it forks a new process under the credentials that you're accessing with, which is sensible enough. But only root can fork processes as another user so the Samba daemon itself has to run as root.

I guess it's an artefact of grafting support for the MS protocols onto GNU/Linux rather than having a true remote login. You need to be able to act as different users without an actual direct login as them... so root it is.

14
0
h4rm0ny
Silver badge

Re: MIcorosft contributing security fixes to Samba

This also has only been publicized after a patch was available - Google take note of how things should be done. There's also an immediate workaround you can apply in the config file if you can't apply the patch immediately.

27
6

'Utterly unusable' MS Word dumped by SciFi author Charles Stross

h4rm0ny
Silver badge

I like MS Word...

It's good. Seriously, author with noted political stance on software has trouble with Word? This is a news story now? I helped someone who was saying almost exactly the same thing about Libre Office last week which I'd installed for them because they wouldn't pay for Word. They couldn't figure out how to change the line spacing. Is that Libre Office's fault that they couldn't figure it out and said the software was impossible to use? No, they're just technically inept and prone to hyperbole.

31
34

AMD's new Carrizo: The x86 notebook processor that thinks it's a GPU

h4rm0ny
Silver badge

Re: Interesting

"Yes, thats right. No two chips will run quite the same. This is a very clever idea by AMD. That's better than the previous approach used by AMD (and Intel) where no chip ever ran at its full potential; every die was graded at fixed speed bins and labelled at the one where it worked"

We used to have Socialist chips. Now we have Capitalist chips.

6
0

Lenovo shipped lappies with man-in-the-middle ad/mal/bloatware

h4rm0ny
Silver badge

Re: Criminal

>>"Why? If it's advertising related then volume counts over quality every time. And even ID theft is a game of volume over quality."

Because in the scenario I was evaluating. the purpose of this was spying on people and using advertising as a cover (which this flaw enables), the actors behind that would have to be state level players. (E.g. Chinese government, NSA, etc.). They wouldn't be interested in indiscriminate harvesting, but on targetting high level players.

One could make a case that mid-level people might have more valuable access as that is where most of the IT people with dangerous access live, but I don't think that would be the case.

Anyway, I think the probability is that this is [I]unwitting[/I] breakdown of security in the greed of Lenovo wanted a pittance of advertising revenue with each laptop sale (note to El. Reg: not "lappy"). But still, it makes you wonder.

2
0
h4rm0ny
Silver badge

Re: I'll give you three guesses

Composing a ballad on the subject of FinFET architecture?

2
1
h4rm0ny
Silver badge

Re: Criminal

"If Superfish were masquerading as other businesses via certificates issued under their root certificate "

They were, that's how this works. Pretty much everything you wrote is correct and would form a viable basis for legal action if someone / some group chose to pursue this.

I would like to know how high up the management chain actual understanding of how this worked went. At the top is there someone signing off on a deal that "shows some ads" or is there someone who knows that this is actually breaking a fundamental security component of the web and impersonating websites. It's not a silly question - someone in the chain must have known the implications of this so I wonder how high it got before someone decided to accept responsibility for the decision and chose to do this without flagging the implications higher. That person knowingly endangered their customer's security and I would imagine anyone making that decision wanting to be able to pass the responsibility upwards and say: "i raised it with my boss in this email and they said okay". So it could have risen pretty high indeed.

Which also raises the question of whether there was another motive for this. What this has meant is that the security of very many people has been compromised. It could be greed and incompetence but it also can be a way of spying on people. And if you get caught - it's adware, we didn't know better! There's no way with this installed you can know if you've been compromised or not.

I'm leaning to that not being the case simply because this isn't present on the highest end laptops which would obviously be the best targets. But still, it makes you wonder.

11
0

Linux kernel dev has gone well and truly corporate – report

h4rm0ny
Silver badge

Re: 16.4 per cent and 2.5 per cent leaves 81.1 per cent.

>>"...And that's the type of proposition open source fanatics don't want to see discussed openly, even though it's a reality. The NSA already has significant chunks of code in just about every major Linux distro going by the name of SELinux"

I have plenty of objections to the bundle of ad-hoc fixes that is SELinux, but oddly enough it being a ploy by the NSA is not one of them. And this is from someone who had an extended argument on these forums about Windows vs. Linux security models. All of the SELinux code is Open Source and it is scrutinized by some very smart people who have no affiliation with the NSA (and in some cases are pretty much enemies, such as the Chinese government). When it comes to security against third parties, both Open Source and Proprietary have advantages and disadvantages and neither is inherently more secure, imo. But when it comes to security against a subverted vendor, Open Source has a clear and demonstrable advantage - you can inspect what you're given.

There could be cleverly hidden flaws in GNU/Linux, but I think the main threats to any user are going to be accidental vulnerabilities or (from well-resourced enemies) firmware exploits. Sorry for the long post - I just don't think SELinux is subverted.

1
1
h4rm0ny
Silver badge

Re: Snowballing

>>"Rolling your own kernel used to be fairly easy, but it's a lot of work now."

I was a happy Gentoo user for several years, so I concede my perspective on this may not be that of the average inhabitant of this planet, but what is it you think has made it a lot of work these days, compared to how it used to be?

0
0

Microsoft's patchwork falls apart … AGAIN!

h4rm0ny
Silver badge

90 days!

And some people want to hold an axe to their head by threatening public disclosure of any vulnerabilities lasting 90 days!

Testing - it's not just for Michael Gove!

4
2

Now not even muggers want your iPhone

h4rm0ny
Silver badge

Re: urrr... they will still steal your device

>>"Yeah, because your average punk knows all about "Faraday bags". (Good grief!)"

Common misconception that the average street criminal is stupid or doesn't learn this stuff quickly. The last person I knew who stole things semi-regularly also used Tails for their OS because they'd heard it was good for stopping the police spying on you. You'd be surprised - plenty of people's lives go off the tracks for reasons other than not being smart.

Generally speaking someone who goes about stealing phones will have a lot better and more current knowledge about the security systems of phones than most people who own them. They may not know what a Faraday Cage is or how it works, but being told that putting a phone inside one of those bags you get with computer bits stops the kill switch being activated is exactly the sort of trick that gets passed around very quickly.

Not that I'm arguing these kill switches aren't very effective - they clearly are. I'm just pointing out that people can be a lot more informed than you think.

8
0

Microsoft makes 'business case' for marriage equality

h4rm0ny
Silver badge

Re: Final remark

>>Trevor's obnoxious post, which appears moreover to be a personal reflection on his own life, provides us with another look at the typical bullying and abusive format, which are excellent examples of what I call "destructive intelligence".

Trevor Potts is just like that. He has previously actively tried to track down people from El Reg. forums to find who they are in real life and has previously threatened to give me a kicking (accompanied by several assurances that he genuinely would like to and only the threat of getting caught stops him) for an argument over operating system UIs! And posts the same angry rhetoric at people who favour IPv6 as he does those who oppose gay marriage. He doesn't distinguish - just enjoys posting antagonistic and hateful posts to anyone who gives him an excuse to be "righteous". I would just ignore him like others do.

0
0
h4rm0ny
Silver badge

Re: MS going for the niche markets!

>>"Yes, you are probably correct that my arguments may are flawed and probably badly formulated. Unfortunately I was neither blessed with the gift of rhetoric nor that of public speaking so I have to make do with what I have."

I am not attacking you over style or presentation. My issue was that I pointed out basic flaws in your argument - logical flaws not ones of preference or belief - and you responded to my post calling it the usual think of the minorities diatribe. That I objected to. I'm quite happy to debate civilly with everyone but wont accept misrepresentation of what I say.

>>"In my mind the point of marriage is to begin the foundation for a familly. A family has figures; a mother, a father and eventually children ( 1..n). This is my conception of a familly, I am sure that many, if not most, share this conception."

See, now this to my mind is a far more cogent argument from you than your initial post. In your initial post you were attempting to find superficial reasons to support a pre-existing conclusion - that homosexual marriages should not exist. As is typical where the desired conclusion is placed ahead of arguments, there were logical flaws. The above however, is something that can more reasonably be debated. And indeed, with that specific point above I largely agree - children should have a stable and reassuring environment growing up hence the need for a solid commitment (typically called marriage). Without that need, two people might as well just live out their relationship's natural span based not on legal and social commitment, but based on respect for each other and desire to be together. I.e. no need for marriage (though some may still want).

conception of a familly, I am sure that many, if not most, share this conception.

>>Within a familly, I believe that for a child to grow within a healthy framework, he will need a father to be fatherely ( something a mother cannot provide) and a mother to be motherly( something that a Father cannot provide), The relationship that he will have with either parent will be different, often learning the same things but from different points of view

Here I somewhat disagree. I reject the idea that only a mother can be "motherly" or a father "fatherly". These are for the most part socially enforced roles, not intrinsic ones. There are plenty of fathers more tender and caring than many women are, and many women who are more... well I don't know what it is you think "fatherly" means, but lets go with protective, aggressive or whatever. It really doesn't matter - pick any trait and you'll find plenty of women who have it buckets more than most men and vice versa for men over women. We're people first, not a sex. That these cases are not uncommon should be demonstrable to anyone with a reasonable social life.

There was a study some time ago of lesbian couples that found a baby would start to put parents into a father & mother role whether the female-female parents wanted it to or not. The child would simply start to favour one over the other despite their best efforts. But I saw nothing in that study to show that a child is harmed by one of those roles being filled by a woman (or man), only that children were predisposed to do so.

The thing is, all else being equal it probably is better for a very young child to have one parent of each sex because that provides a greater breadth of role-models. But things never are "all else being equal". Rate parenting quality on some hypothetical and impossible to actually create scale of 1...100 and say you get +2 points for having role-models of both genders. How much does that compare to the +20 of having two parents who really love each other, or the -30 of having one of those parents be unfeeling and distant? It doesn't. And I could even make a case that same-sex couples can have hidden benefits such as not propagating unhealthy social expectations. I am a feminist. In any traditional couple you are likely to have slightly different domestic behaviour between the male and female parent. A female child will likely more identify with the female parent and thus gender-based roles are perpetuated. Whereas a female child with two male parents would not run that risk.

Of course there are some benefits to a male-female parent unit. It can be handy for a child to have someone of their own sex to talk to - especially when they hit puberty. But that doesn't mean that any given same-sex couple is going to be bad as parents. Or even that these problems are especially difficult to overcome!

Basically, your argument based on the idea of marriage being about children is a supportable position to some extent (imo), but not your corollary that only male-female can be good parents.

>>"Because of this thread I had a quick read up on homesexuality, "ephebic love", within the greek, Roman empires as I feel that they probably represent contemporary society better than any other. It seems as though once more history is repeating itself...."

This, I regard as just some bizarre perversion of an Appeal To Tradition fallacy. And no, I don't think we're going down the same path as the Romans because we're becoming more tolerant of homosexuality.

2
0
h4rm0ny
Silver badge

Re: MS going for the niche markets!

>>"Can you honestely admit to caring for all minorities ? Really ?"

I can't think of any particular minority off the top of my head that I am out and out against. I have a strong dislike of idiots but sadly I think minority doesn't apply.

Regardless, I pointed out all sorts of logic problems in your post and your response is to demand perfection from me as if that were a counter-argument. I'll add that to the list of fallacies, shall I?

>>"Proving my logic wrong does not remove the general idea behind the comment."

Well no, what it does is falsify reasons why your idea should be accepted as a good position. If you say you think X because of reason Y and Y is then shown to be wrong, it doesn't show that X is wrong, but it does show you need to come up with other reasons why we should share your prejudice or MS should not be in favour of gay marriage.

>>"No, I do not agree with the current public agenda of acceptance of gays and their particularities. Should I now be publically hung for saying that ?"

No, we're more civilized these days - we have Downvotes instead of hanging. You might have noticed those. Anyway, I don't think I said anything remotely violent to you. I tore your logic apart but nowhere did I advocate violence or aggression. That's your persecution complex, I think.

>>"What is it with this dictatorship that says that we must all agree with the current politically correct agenda. Why should people accept that which they do not agree with ? Who does it really satisfy, apart from the wolves ?"

I don't anything about any wolves but didn't this start with you objecting to MS not agreeing with your own agenda? You seem to be starting from an assumption that a current situation is inherently more valid than a future one unless someone can prove to you that improving the rights of gay people is worthwhile. I rather say that as improving gay rights is obviously good for many people it's up to you to prove why improving such rights would be a bad thing. Agree with it or not is up to you, but if you want to show that something is wrong you need reasons why.

>>"This current gay issue is yet another of those BiPolar causes whereby you are either for or against...."

I'm not sure there's a great deal of middle ground on whether gay marriage should be legal or not. I mean, it is or it isn't. But I don't think it's quite how you describe. For example some people believe churches / religions should be forced to recognize such unions and perform equivalent ceremonies whereas I believe it's really up to the religion. So yes, there is middle ground even on something as binary as this.

>>and when you are against it appears that you are now treated as a hater, a vile and wicked person..

Well the essential reason for this is no-one can see why it would inconvenience you for it to be legal. So opposing it makes it look like you're actively trying to make things bad for other people for no reason. If that is not the case, you need to show how gay marriage is bad.

>>"By concentrating on futile issues we become blind to the overwhelming ones"

Gay marriage isn't a futile issue - there is substantial progress made on it and continues to do so. I believe it will become normal and gain legal equivalence. I also reject the idea that my caring about it (or anyone else's), requires such concentration that I cannot also care about other issues also.

4
0
h4rm0ny
Silver badge

Re: Poly?

>>"Yes, I do know that any society is concerned about the future generation growing to become a valued member (hopefully), so that begs the question of why do childless couples get special treatment even before conception of a child, while single parents only get the child deductions but not half the marriage deductions? Homosexual and other alternative life-style individuals deserve equal treatment which seems to be where our Supreme Court is going. I still have lot's more questions but I'll stop there."

My position is that state benefits should be about children. I'm fine with that not applying to childless male-female couples just as much as male-male couples, and I'm similarly fine with the benefits applying to male-male or female-female couples that adopt just as they do for a male-female couple that has a child. So really, imo, this entire aspect should be separated from marriage.

But state benefits are only one aspect of the legal implications of marriage. Others include input into medical decisions when one party cannot consent, inheritance and matters of ownership when a long-term couple split up. These legal benefits and burdens should be extended to gay couples as well.

1
1
h4rm0ny
Silver badge

Re: MS going for the niche markets!

>>"This is exactly the type of comment that I presumed would be made. The usual diatribe about how important it is to take care of the minority."

Actually, whilst I would cheerfully make a case why minorities should be taken care of (we're all minorities by some measurement or the other), the three major problems I pointed out with your post were all fundamental flaws in your logic even accepting your starting position of not caring about gay rights. So no, I don't think that is the type of response you "presumed would be made".

>>"Yes, I know gay people, I have worked with 2 gay men for the last 6 years, they are not a couple ( both in their 40ish's). Do either of then want to get married, nope, and after speaking with them they honestly couldn't give a shit about those that do."

Why do you expect members of a demographic to speak for all of a demographic? That's right up there with "So, what do Black people think about this?" It's a fourth massive flaw in your reasoning to add to those in the original post. If you're now actually attempting to prove that gay people don't want marriage equality do you not think it is more scientifically valid to look at the many who are campaigning for their right to marry rather than the two you have worked with?

Honestly, I haven't even addressed your deplorable lack of caring for "minorities", your posts are riddled with reasoning errors so don't pretend my response was just "usual diatribe about how important it is to take care of the minority"

6
2
h4rm0ny
Silver badge

Re: MS going for the niche markets!

>>"1%, no, it's even lower than that. Which percentage of the that 1% of gays actually care about getting married... This probably relates to a PR project that is actually geared towards less than 0.1% of the population of Microsoft.

Even if we accepted your belief that a company shouldn't stick up for minority rights due to their being a small part of the market (something I would be very happy to take on separately), the edifice of logic you have built on this belief is flawed. Firstly, you take no account of the level of resource. I mean you compare it with the percentage of people who use Linux as if, say, spending a large amount of effort in making MS Office on GNU/Linux or providing Linux images on Azure (which they do, incidentally) would be more worthwhile than making the occasional political statement in favour of human rights or clarifying their position.

One wonders how you see things in your head: "Shall I post that blog comment saying we're in favour of marriage equality? No - they're only 1% of our target market, have a couple of dozen engineers spend a few months implementing DX12 on Ubuntu, that's 3%". You see how poor your logic is? You can't say "they're 1% of our customers, a public statement isn't worth while"

The second and even more telling way in which your logic is flawed, is to assume that only the 1% (I'm just going with your questionable figures here, btw) care about marriage equality. YOU may not have any gay friends but many of the rest of us do and even though I'm not gay myself, I still want equal rights for those who are so this "PR exercise" as you term it, doesn't just appeal to "1%". It appeals to most people who believe in equal rights and that's most of us, I would hope. I think you missed that because you don't want them to have equal rights so it didn't occur to you.

Finally, there are plenty of well-qualified people out there who happen to be gay. A company that has an explicit corporate culture of tolerance is likely to be seen as a preferable employer over one that keeps its head down from any political controversy and doesn't say a word. So a further win that you've neglected, gained by simply clarifying a position and going on record as in favour of a basic human right for all.

Microsoft is one of the largest companies in the world. Far from THE largest but pretty big and a household name. If they come out in favour of marriage equality and say they're pushing for it, that does a lot of good. Though not in your eyes, obviously.

7
1

Linux 3.19 released for your computing pleasure

h4rm0ny
Silver badge

If there's no reason to go to 4.0...

...then don't go to 4.0. Major version numbers are for significant changes. If this is a collection of further small refinements, 3.20 is fine. It's actually a sign of a mature product.

11
0

They've finally solved it: Schrödinger's cat is both ALIVE AND DEAD

h4rm0ny
Silver badge

Re: Ophidia in herba

Well now you can do both!

13
0

Assange's cop chaperones have cost £10 MEEELLION to date

h4rm0ny
Silver badge

Re: h4rm0ny He's obviously dangerous

>>"But that is not the cost just of guarding him. The Police have to provide policing and a protection detail for the Ecuadoreans anyway, just as they do for any foreign consulate or embassy, and so the figure quoted is a massive stretching of the truth"

Is it a massive stretching of the truth? Please do tell us what the normal cost of guarding the embassy was before Assange took residence there. You presumably know seeing as you're dismissing the £10million figure as pretty much incorporated into the regular necessary operations.

>>"Personally I'm quite happy for my taxes to have paid for him to be locked up in an HMG prison or one of his own making."

Seriously? You prefer that £10m of police resources are spent on keeping this person locked up than on violent or otherwise dangerous criminals? Or even just investigating every day crime? The police are underfunded so you can't say it doesn't impact other police work. And if you genuinely despise him that much or regard punishment for embarrassing the US government by leaking true information as that much more important than normal police work, your priorities are badly messed up.

0
2
h4rm0ny
Silver badge

Re: Captain Daft idiot

>>"Gosh, a jer-nah-lest deliberately choosing a misleading picture, how unusual - not!"

This is also a website that uses pictures of models to illustrate Google's latest privacy action - I don't think anyone regards the photos on El Reg. as authoritative. So let me instead ask you if you think the £10 million figure is misleading or made up? That's more to the point when discussing the disproportionate expense than a photo, isn't it?

0
1
h4rm0ny
Silver badge

Re: 10,500 GBP per day

>>"Believe it or not, but the going rate for an armed bodyguard in London is in the 700 GBP/day range"

Is it legal to be an armed bodyguard in London? How does one go about being legally allowed to go armed in London?

0
0
h4rm0ny
Silver badge

Re: Budget Leaks

>>"No... It's that normally, when skipping bail, criminals (Assange is now a criminal for breaching bail conditions) tend not to advertise their location on the nightly news. If they did, I suspect plod would pop along to have a chat as well."

You can literally go to the station sometimes and in some places and tell them exactly where the person who threatened you is and they wont go round there. The police are simply too busy to chase everyone down. You can call the police and they have your exact location and it will still take them forever to get there half the time. But if someone is embarrassing them or the Americans on TV, then - as you continue to agree with me - it's suddenly worth £10m quid to follow them around. It is utterly absurd to continue trying to say that this level of resource would be applied to other people and that it's not because it's someone who has publically embarrassed governments.

7
2
h4rm0ny
Silver badge

Re: Budget Leaks

>>"Have they done it on national television?"

As I said and which you have now agreed with - it's not about right or wrong, but about government embarrassment.

5
5
h4rm0ny
Silver badge

Re: i cant beleive

>>"Out of interest, do we have anyone in our embassies we shouldn't?"

Most of the upper levels of our own government?

12
0
h4rm0ny
Silver badge

Re: He's obviously dangerous

>>"The charge was for not using a condom when the girls thought he was. That's some sort of crime there apparently!"

That certainly should be a crime. However, I think you have slightly misremembered the details.

10
4
h4rm0ny
Silver badge

Re: Budget Leaks

>>"Actually, yes. That and contempt of court by jumping bail"

Something thousands do without any such level of expenditure on them by the government. Ergo, there is a different reason at play here. You cannot be so set upon blaming Assange that you refuse to acknowledge this.

>>"I used to have sympathy, but we've seen far braver, less weaselly whistleblowers (Manning, Snowden) making Assange apparent as the megalomaniac paranoid attention seeker he is"

One spending the next thirty-five years of her life in prison and the other exiled to Russia and quite probably never able to leave. Yes, trying to avoid these fates makes someone a "megalomaniac paranoid attention seeker", of course! Heaven forbid we entertain the idea of someone embarrassing the US government and get away with it. Only Hollywood-level sacrifices are worth dignifying. If someone wants to do something without being willing to die for it, well what kind of lame excuse for an activist is that?!!??

13
3
h4rm0ny
Silver badge

Re: idiot

>>"If he is innocent then he will be fine"

Bless.

19
4
h4rm0ny
Silver badge

Re: He's obviously dangerous

>>"Did you ever think that they were also there for his protection too?"

Well, no, not really. The government doesn't spend £10 million to protect you or me when we're threatened by some vicious ex-partner or similar even when you can be pretty certain an attack is coming. So you think they'll spend it on protecting someone who is a major nuisance to them out of the goodness of their hearts? I mean just in case the Ecuadorian embassy gets stormed by attackers? Your argument is more based on the fact that you don't like him. If it's costing this much, just stop guarding him.

But oh wait, that would embarrass Britain in front of America when he gets away so lets carry on wasting millions. Can't have someone embarrass America publically and get away with it! And if anyone is daft enough to think that isn't the reason ask yourself if millions would have been spent on any regular person who was wanted just for questioning by another European country. If that were the real reason, they could have very easily had a couple of officers come over here and question him at a tiny fraction of the expense.

25
1

The Interview? Kim Jong-Un, you really shouldn’t have bothered

h4rm0ny
Silver badge

Re: Cut! or hack?

>>"Interesting that the Sony haters are still deluding themselves that it wasn't north Korea, despite everyone with knowledge saying it was."

Whether they did or they didn't, you more show your own lack of knowledge of the security world than the person you replied to with this comment. Plenty of intelligent people doubt whether it was really North Korea behind the attack and there are good arguments why it may not have been. If you're calling news outlets like Ars Technica and El Reg. "deluded" for questioning whether it actually was NK or not, then you're going to have to back that up. And it has NOTHING to do with whether or not someone is a "Sony hater". Seriously - is that a thing? I thought it had eventually died off after that rootkit fiasco finally dropped out of the news.

4
0

Still using Adobe Flash? Oh well, get updating: 15 hijack flaws patched

h4rm0ny
Silver badge

Re: Ads?

I'm fine with sites having ads on them (so long as they're not auto-playing video or horror of horrors include sound). In fact, I *want* El Reg to make a nice profit.

All that I object to is tracking. So where possible I block that without blocking the ads. This does devalue the ads very slightly perhaps, but it's what I'm willing to offer.

2
1
h4rm0ny
Silver badge

>>"Use Chrome... It's just been updated... No? Use IE or FF and get pOwned."

Did you even bother to take five seconds to research this? IE already has the latest version of FLASH included in its automatic updates. I just checked my copy here and it has the latest version number released by Adobe. Firefox is a simple update as you get the plugin direct from Adobe.

If anyone wants to quickly check whether they are up to date just go here:

http://www.adobe.com/software/flash/about/

It lists what version you have installed and what the latest version is on every platform.

1
1

RIP Windows RT: Microsoft murders ARM Surface, Nokia tablets

h4rm0ny
Silver badge

Re: hmm

>>"no one wants to adopt a new platform today that won't exist in five years time, condemning MS to continued failure away from their x86 home turf."

If you use the new Windows Runtime APIs, then your software would work fine on both the x86 Windows and the ARM version. It's a simple configuration option at compile time.

4
7
h4rm0ny
Silver badge

Re: Surface 2 with Win 8 RT-edition

It does have Tracking Protection. That's part of IE11. Surprisingly, a lot of people simply don't know it exists. Swipe in from the left, click on Settings and Privacy and its in there as the top option, I think. You can add as many lists as you want including the one that Adblock itself uses.

Anyway, shame to see it go. It may have served its purpose in threatening Intel by showing that you actually could create a viable OS on ARM and MS were willing. It could have been more than that, though. I have a Surface 2 and find it a great device. Good as a tablet and I can do Office work on it quite comfortably when I want to. Great device.

2
0

Google gets my data, I get search and email and that. Help help, I'm being REPRESSED!

h4rm0ny
Silver badge

Re: Indolent Wretch Not so fast

>>Similarly, when Google and co do their analytics and tell their customers "next year is not going to see a rise in lamb burger demand" they are helping make the economy more efficient"

All of your post up to this point is supportable and reasonable. And then you make this giant leap from what you're talking about to Google's profiling of people being the same thing.

1
2
h4rm0ny
Silver badge

Re: Not so fast

Worstall's argument pretty much goes wrong at this point: "And that's what leads to the spraying: the assumption being made that people who are trading something they don't value much for something they value more is a market failure."

Firstly, it remains a wrong thing for people to give away something valuable even if they don't realize its value. Witness any case of people being swindled out of something they didn't know was a precious antique, etc. Is their lack of awareness of its value relevant to whether it is right or wrong? I would say it is clearly not. Secondly, it assumes choice. Google probably has a very substantial profile on me by now because its tracking is implanted in much of the web. I'm faced with a choice of make major career-impacting decisions to give up the Web, expend large amounts of effort trying to fight all the tracking or accept that I am "trading" away something whether I want to or not.

And most things you trade, btw, you can eventually replace or get back. Privacy not so much.

Finally, I'm not much of one for arguing on principles, I'm more about practical effects. Such a degree of monitoring and personal profiling and normalization of loss of privacy is dangerous. Our current degree of freedom in the West is a historical blip in terms of human history. It can be lost again and such monitoring as this - and I know people with think this is hysterical paranoia but sadly it is actually true - is a very powerful weapon in taking that freedom away.

7
1

Adobe and software pals haul Forever 21 to court over piracy allegations

h4rm0ny
Silver badge

Re: Lol

Oh please, forgive us for using phrases you don't approve of, grand[pa|ma]. We are young and foolish and haven't yet learnt that new phrases shouldn't enter the English language.

0
0

Tough at the top: IBM CEO Ginni Rometty troughs $10 MEELLION+

h4rm0ny
Silver badge

Re: That picture

>>"Why not? That's been tried with the white causcasian male contingent by many US corporations, and it turned out that the ugly and the handsome had equal quotients that were utterly incompetent, so we might as well settle for the less painful to look upon (let's enjoy that form of discrimination until it too is banned). "

Well seeing as you want to support discrimination (looks, racial and sex - what you don't want to throw in orientation while you're at it?) then you need to brush up on your statistics. Assume your hypotheses to be correct - that incompetence is equally distributed between looks, race, sex, etc. You conclude that it is therefore irrelevant if you appoint based on one of those things. Statistically, that's invalid. In any sample where the relevant selection criteria are equally distributed without regard to other qualities, discrimination on those other qualities will reduce the proportion of competent people. Think it through - any inclusion of irrelevant selection criteria must be at the cost of relevant selection criteria. There are few things I like less than physical discrimination, but bad statistics is one of them. Well done you on getting the double.

>>"Wouldn't you rather we had a few Chippendales in Parliament?"

No, not really. Parliament is showbusiness enough without pandering to the cameras even more. It's a very supportable position that Nixon lost to Kennedy because television had become common. Al Gore reportedly lost (if you accept that he did) to G.W. Bush in significant part due to physical image. When he fell off a stage, his rating dropped several points. Are you sure you don't think your attitude is damaging?

>>"And judging by the Labour party, they are positively discriminating against nice looking women. Is that what you're in favour of?"

Well no, rather obviously from my point that looks should be irrelevant to such careers, I'm not. I think you could have worked that out from my first post.

>>"You have a point, but equally you knew what I meant."

I'll remember that next time I review someone's code. Doesn't compile, but I knew what he meant.

1
3
h4rm0ny
Silver badge
Paris Hilton

Re: That picture

Tell you what, Ledswinger, lets start appointing CEOs based on looks - it does wonders for the world of music, after all.

Also, Dorian Gray was famed for being eternally youthful. You may not be saying what you're trying to say.

(Paris - so Ledswinger can look at something to resettle his nerves after the shock of a non-youthful woman).

0
0

Yahoo!'s Firefox search hook-up pays off as it nicks Google's US clicks

h4rm0ny
Silver badge

What is the security message and do you get it with any other browser? Different browsers can very occasionally have differences in the certificate chain that cause security warnings on one but not the other. Alternately, if it's something like Third Party cookies or something there's probably a setting. What's the message? It's probably not a conspiracy.

0
0

Google Now now SLURPS data from third party apps so YOU don't have to

h4rm0ny
Silver badge

Re: Sigh!

>>"Tell me, as a Google shill, how much do you get paid in goods, services and/or cash?"

Nice - you can't even keep on the morale high-ground when the article starts you off up there!

Lots of people like Google's services and are fine with Google nosing through their life for saleable bits of info. I'm not one of them but even I recognize that someone can feel like that without having to be paid to think it. Really, unless someone has a *very* good reason to suggest that someone is paid to post, "shill" is not a word that should be thrown around.

3
1
h4rm0ny
Silver badge

Re: And I was downvoted to Hell

Seems a reasonable use of the term to me. The shift in security mindset when you went from clients sitting on a LAN with few reasons to go "online" to everything is online by default, is a pretty fundamental change in world view, imo. No?

6
0

Google boffins PROVE security warnings don't ... LOOK! A funny cat!

h4rm0ny
Silver badge

I can get it higher. Try this:

"Your neighbour or that person over there at the next table could be looking at your screen right now. See that little padlock icon at the bottom that is red? That means you're broadcasting what you're doing right now."

Make it personal. It might not be completely accurate but mostly people are using Wi-Fi these days so it's good enough. But the real problem that leads to people ignoring the warnings is because they simply don't know what they can actually do about it. A warning saying "bad things might be happening" is just clutter if it doesn't tell you how to fix it. So person wants to visit site X. They get a warning. What next? Don't go to site X or make an uninformed choice about whether the risk is worthwhile and carry on. They don't know what the risks actually are, warnings are routine and people mostly think it wont happen to them, so they go to the site anyway.

There are only two ways to fix this. Either make your browser refuse to use a site where the certificates mismatch, no "ignore this" button. Or get things to the point where it is so rare that people actually are spooked by such a warning.

I don't think the second is happening any time soon, though the first would be a massive impetus to bring about the second. I actually would be in favour of the first if public certificates weren't such a money-making racket.

0
3

'Look into my eyes: You are feeling very worried about the climate ... so worried'

h4rm0ny
Silver badge

>>"1. Saying that Professor XY wants to manipulate people to think that there is a man made climate change, does not mean that man made climate change does not exist (if I read the article correctly, that is the conclusion that the author is trying to manipulate readers to understand). "

I've just re-read the article. Nowhere does it say whether AGW is or isn't real. Every statement in this article on the subject directly relates to whether or not the survey says what the professor says it does. Here's one for you - re-read the article, see if you can find any part that says or implies what you say it does above, and if not, retract your statement.

1
0
h4rm0ny
Silver badge

Re: Leaving aside that this is about climate change for a moment...

Once one ceases to doubt that one's cause is right, all methods become acceptable.

1
1
h4rm0ny
Silver badge

Re: Trojans

>>"Very cute. Even assuming that was true, what's stopping the scientist from concluding at the end of the study "my research doesn't prove or otherwise support the IPCC/UNFCCC claims"? The funding is already used at that point, so there's no reason to lie."

Right or wrong about whether this is the case, your logic is faulty. Research scientists live from grant to grant and the previous one is a determinant on whether you get the next. Publish a paper that gets damned by your peers, your chance of the next grant is reduced.

1
0

Sorry, admins: Microsoft says NO new Windows Server until 2016

h4rm0ny
Silver badge

Re: more FOSS adoption by Microsoft

>>"What is so incredulous about the mindset of most Microsoft dupes is that they forever denigrate Linux, BSD, Darwin based Apple OS X and all other Free/Open Source Software (FOSS) technology with incoherent drivel criticisms"

Assuming by "Microsoft dupes" you mean posters who defend MS products against criticism on these forums (as I often find myself doing, dogged being another and so on...), I actually don't recall any of us making "incoherent drivel criticisms" of OSS. On the contrary, I think most of us respect it. Want to back that up because to me that just sounds like manufacturing enemies.

5
6

Forums

Biting the hand that feeds IT © 1998–2018